how to invalid an SSL session ?
[prev] [thread] [next] [Date index for 2005/03/22]
From: Andrea Palmieri
Subject: how to invalid an SSL session ?
Date: 09:56 on 22 Mar 2005
Subject: how to invalid an SSL session ?
Date: 09:56 on 22 Mar 2005
This is a multi-part message in MIME format. ------=_NextPart_000_002C_01C52ECD.DA7FA920 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I am writing some modules to do authentication in a reverse proxy = scenario. In a userid-password authentication mechanism I can invalid an = authentication session using $r->note_basic_auth_failure(); return Apache::AUTH_REQUIRED; =20 In this way I can invalid the authentication session and promt the user = once more with the user-id password dialog. Is there a way to reach the same result using SSL session ?=20 In this case the client authenticates itself providing a digital = certificate (this is done using the "SSLVerifyClient require" = directive), but I dont't know how to invalid the SSL session and how to = prompt the user with the certificate dialog.=20 Can anyone help ? thanks Andrea ------=_NextPart_000_002C_01C52ECD.DA7FA920 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.2800.1491" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT face=3DArial size=3D2> <DIV><FONT face=3DArial size=3D2>I am writing some modules to do = authentication=20 in a reverse proxy scenario.</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>In a userid-password authentication = mechanism I can=20 invalid an authentication session using</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial = size=3D2>$r->note_basic_auth_failure();<BR>return=20 Apache::AUTH_REQUIRED; </FONT> </DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>In this way I can invalid the = authentication=20 session and promt the user once more with the user-id password=20 dialog.</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>Is there a way to reach the same result = using SSL session ? </FONT></DIV> <DIV><FONT face=3DArial size=3D2>In this case the client authenticates = itself=20 providing a digital certificate (this is done using the "<FONT=20 size=3D2>SSLVerifyClient require" directive), but I dont't know how to = invalid the=20 SSL session and how to prompt the user with the certificate dialog.=20 </FONT></FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>Can anyone help ?</FONT></DIV> <DIV><FONT face=3DArial size=3D2>thanks</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial = size=3D2>Andrea</FONT></DIV></FONT></DIV></BODY></HTML> ------=_NextPart_000_002C_01C52ECD.DA7FA920--
 |
how to invalid an SSL session ?
|